Trust Assessment
registry-broker received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 9 findings: 4 critical, 0 high, 1 medium, and 0 low severity. Key findings include Persistence / self-modification instructions, Unpinned npm dependency version, Unpinned dependency versions in package.json.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (9)
| Severity | Finding | Detail | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions | Shell RC file modification for persistence | Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/kantorcodes/registry-broker-hashnet-openclaw/examples/search-and-chat.ts:45 |
| CRITICAL | Persistence / self-modification instructions | Shell RC file modification for persistence | Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/kantorcodes/registry-broker-hashnet-openclaw/scripts/index.ts:104 |
| CRITICAL | Persistence / self-modification instructions | Shell RC file modification for persistence | Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/kantorcodes/registry-broker-hashnet-openclaw/scripts/index.ts:105 |
| CRITICAL | Persistence / self-modification instructions | Shell RC file modification for persistence | Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/kantorcodes/registry-broker-hashnet-openclaw/scripts/index.ts:112 |
| MEDIUM | Unpinned npm dependency version | Dependency '@hashgraphonline/standards-sdk' is not pinned to an exact version ('^0.1.152'). | Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/kantorcodes/registry-broker-hashnet-openclaw/package.json |
| INFO | Unpinned dependency versions in package.json | The 'dotenv' devDependency in package.json uses a caret (^) range, allowing minor/patch updates. While pnpm-lock.yaml ensures a specific version is installed, relying on ranges can lead to unexpected dependency updates if the lockfile is ignored or deleted, potentially introducing vulnerabilities from newer versions during development or build processes. 'dotenv' is critical for the skill's runtime environment variable loading. | Pin all dependencies, including devDependencies, to exact versions (e.g., "16.4.5" instead of "^16.4.5"). Ensure a lockfile (pnpm-lock.yaml) is always used and committed to version control. | LLM | package.json:43 |
| INFO | Unpinned dependency versions in package.json | The 'tsx' devDependency in package.json uses a caret (^) range, allowing minor/patch updates. While pnpm-lock.yaml ensures a specific version is installed, relying on ranges can lead to unexpected dependency updates if the lockfile is ignored or deleted, potentially introducing vulnerabilities from newer versions during development or build processes. 'tsx' is critical for the skill's runtime execution. | Pin all dependencies, including devDependencies, to exact versions (e.g., "4.20.0" instead of "^4.20.0"). Ensure a lockfile (pnpm-lock.yaml) is always used and committed to version control. | LLM | package.json:44 |
| INFO | Unpinned dependency versions in package.json | The 'typescript' devDependency in package.json uses a caret (^) range, allowing minor/patch updates. While pnpm-lock.yaml ensures a specific version is installed, relying on ranges can lead to unexpected dependency updates if the lockfile is ignored or deleted, potentially introducing vulnerabilities from newer versions during development or build processes. 'typescript' is a critical transitive dependency for 'tsx' runtime execution. | Pin all dependencies, including devDependencies, to exact versions (e.g., "5.7.0" instead of "^5.7.0"). Ensure a lockfile (pnpm-lock.yaml) is always used and committed to version control. | LLM | package.json:45 |
| INFO | Unpinned dependency versions in package.json | The '@types/node' devDependency in package.json uses a caret (^) range, allowing minor/patch updates. While pnpm-lock.yaml ensures a specific version is installed, relying on ranges can lead to unexpected dependency updates if the lockfile is ignored or deleted, potentially introducing vulnerabilities from newer versions during development or build processes. | Pin all dependencies, including devDependencies, to exact versions (e.g., "22.0.0" instead of "^22.0.0"). Ensure a lockfile (pnpm-lock.yaml) is always used and committed to version control. | LLM | package.json:42 |